Hacking, by definition, is gaining unauthorized access to data in a system or computer. Now, many of us are familiar with hacks or threats of such to our personal data—spam emails, scammers via your phone, and clickbait viruses that can really be a pain to deal with. There’s a much bigger picture when it comes to hacking, though. Hacking has been used and abused in large-scale schemes for decades, so let’s talk about some of the biggest hacks of all time.
In the mid-1990’s, as banks began to more frequently utilize electronic transfer of funds, they faced greater risk of electronic hacks. One Russian software engineer broke into a Citibank computer system all the way in New York and, with accomplices, stole over $10 million by wiring it to accounts all over the world. All but about $400,000 of the money was recovered. Vladimir Levin, the hacker behind the internet’s first-ever bank raid, was able to intercept customer phone calls, listening in on authenticating information, and then complete the fraudulent transactions.
In early 1999, a programmer by the name of David Lee Smith hacked into AOL, posting a file that promised free passwords to fee-based websites, specifically sites featuring adult content. When users clicked the link, a virus was unleashed on their computers. The Melissa Virus is notorious, though, because when the virus infected a user’s computer, it also sent an email to that user’s first 50 contacts, with a link to infect those user’s systems. The Melissa Virus spread like wildfire, and it didn’t seem to have intention to steal money or information, but because it spread so quickly, it still overloaded email servers, some of which had to be shut down entirely—including at Microsoft.
Sven Jaschan, at only 17 years old, wrote the Sasser worm which infected PCs and systems running Windows 2000 or Windows XP across the world. The worm shut down computers for the Maritime and Coastguard Agency in the UK, and wrecked Delta Airlines’ systems in Atlanta, forcing them to cancel 40 transatlantic flights. In Taiwan, more than 400 branches of the post office were forced to use pen and paper because of the Sasser worm. The worm wreaked international havoc.
Max Ray Butler, the “Iceman,” broke into numerous financial institutions, stealing credit card and identity information for hundreds of thousands of individuals. Butler was a former security analyst, who managed to hack into large institutions such as Citibank and the Pentagon Federal Credit Union. He used the nickname “Iceman” online, and his series of hacks and data thieving was used for personal profit.
Noted as one of the largest security breaches to date, computer hackers stole the names and email addresses of millions of people in the 2011 Epsilon hack. Epsilon provided marketing services via email to 2,500 companies at the time; the breach included large companies such as JP Morgan, Citigroup, Best Buy, and Disney Destinations. Epsilon fell victim to the spear phishing attack, meaning a piece of malware entered the system via malicious email camouflaged as authentic communication. This breach cost the firm anywhere between $225 million to $4 billion. Yikes.
Also in 2011, the Sony PlayStation Network was breached by members of the LulzSec hacker group. When gamers would log on to play online with friends, they were met with a message saying that the system was down temporarily for maintenance. The reality, however, was that hackers were behind the scenes hacking their way through Sony’s security, and obtaining access to personal, identifiable information of 77 million user’s accounts. Sony was forced to close their network down for the larger part of a month, costing them about $171 million.
Spear phishing plants malware on a system using spam email just like a normal phishing attack does, but the difference is that spear phishing attacks go to much greater lengths to seem authentic and harmless by imitating trusted, recognized sources. In 2013, a wave of these spear phishing attacks was targeting some huge global banks and financial institutions and are estimated to have stolen nearly $1 billion. It took two years to detect the attack, and it was traced back to organized crime groups in Russia. The malware that was used allowed hackers to impersonate bank staff to transfer funds, and even gave them access to cameras to see what was happening inside the bank offices.
This would-be heist was brought down due to a typo. It would have been the single biggest case of bank robbery in history, but a typo on a fraudulent transaction raised suspicions. The Bangladesh bank heist was still notable because the way the attackers got into the bank’s IT systems gave them secure access under the SWIFT global monetary transfer system. The syndicate of hackers had plans to steal $950 million, but when the typo blew their cover, they made off with just $81 million.
The WannaCry attack was a ransomware attack which targeted computers that ran Microsoft Windows by encrypting the data on the system and demanding ransom payments in the form of Bitcoin. The WannaCry ransomware was a worm, spreading quickly from network to network. Just two months prior to the cyberattack, Microsoft issued a patch that would have prevented the worm from infecting computers, but hundreds of thousands of systems were not updated in time, making them susceptible to the worm. Consider this your friendly reminder to keep your systems up to date!
Even the biggest tech companies can fall victim to security breaches, and Facebook is no exception. Hackers exploited a vulnerability, allowing them access to at least 50 million users’ data. The data included in the breach included names, phone numbers, email addresses, and even hometowns. Facebook discovered the hack in September and fixed the vulnerability shortly thereafter.
Cyberattacks have been around as long as a cyber space has existed. It is both impressive and terrifying to consider the possibilities that hackers can achieve, but that’s why we make your security our priority here at Dteckt. It’s important to prioritize your privacy and safety so that data hacking or ransomware schemes are prevented.
With Dteckt, you’re not just using a service; you’re embracing a safer digital future. Join us on this journey.